<?php

session_start();

if (isset($_POST['user_id']) && ($_POST['reg_user_pass']))
{
	//if user trys to log in
	$userid=$_POST['user_id'];
	$password=$_POST['reg_user_pass'];
	
	$db_conn = new MySQLi('mysql.sentelia.com','sentelia_fhp','5d4BNmMe');
	
	if (mysqli_connect_errno())
	{
		echo 'Connection to database failed: '.mysqli_connect_errno();
		exit();
	}
	
	$query='select *from registered_users '."where name='user_id' "."and password=sha1($password')";
	
	$result = $db_conn->query($query);
	if($result->num_rows)
	{
		//if they are in the database register the user id
		$_SESSION['valid_user'] = $userid;
	}
	$db_conn->close();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Registered Users</title>
</head>

<body>
<h1> Registered User Page<h1>
<?
if (isset($_SESSION['valid_user']))
{
	echo 'Logged in as: '.$_SESSION['valid_user']. '<br />';
	echo '<a href="logout.php"> Log out </a><BR />';
}
else
{
	if(isset($userid))
	{
		//failed log-in
		echo 'Could not log you in. <br />';
	}
	else
	{
		//not logged in
		echo'You are not logged in. <br />';
		
	}
	//log- in form
	echo'<form method="post" action="authmain.php">';
	echo'<table>';
	echo'<tr><td>Userid:</td>';
	echo'<td><input type="text" name="userid"></td></tr>';
	echo'<tr><td>Password:</td>';
	echo'<td><input type="password" name="password"></td></tr>';
	echo'<tr><td colspan="2" align="center">';
	echo'<input type="submit" value="Log-in"></td></tr>';
	echo'</table></form>';
}
?>
<br/>
<a href="registered_users_only.php"> Registered Users Only Section</a>
</body>
</html>